Huawei Emui vulnerabilities

CVE-2023-52360 [HIGH] CWE-511 CVE-2023-52360: Logic vulnerabilities in the baseband.Successful exploitation of this vulnerability may affect servi Logic vulnerabilities in the baseband.Successful exploitation of this vulnerability may affect service integrity.

CVE-2023-52379 [HIGH] CWE-276 CVE-2023-52379: Permission control vulnerability in the calendarProvider module.Successful exploitation of this vuln Permission control vulnerability in the calendarProvider module.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52362 [HIGH] CWE-276 CVE-2023-52362: Permission management vulnerability in the lock screen module.Successful exploitation of this vulner Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52377 [HIGH] CWE-120 CVE-2023-52377: Vulnerability of input data not being verified in the cellular data module.Successful exploitation o Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access.

CVE-2023-52380 [MEDIUM] CVE-2023-52380: Vulnerability of improper access control in the email module.Successful exploitation of this vulnera Vulnerability of improper access control in the email module.Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52368 [MEDIUM] CWE-20 CVE-2023-52368: Input verification vulnerability in the account module.Successful exploitation of this vulnerability Input verification vulnerability in the account module.Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52358 [MEDIUM] CVE-2023-52358: Vulnerability of configuration defects in some APIs of the audio module.Successful exploitation of t Vulnerability of configuration defects in some APIs of the audio module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52365 [MEDIUM] CWE-120 CVE-2023-52365: Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE-2023-52363 [MEDIUM] CVE-2023-52363: Vulnerability of defects introduced in the design process in the Control Panel module.Successful exp Vulnerability of defects introduced in the design process in the Control Panel module.Successful exploitation of this vulnerability may cause app processes to be started by mistake.

CVE-2023-52371 [LOW] CWE-476 CVE-2023-52371: Vulnerability of null references in the motor module.Successful exploitation of this vulnerability m Vulnerability of null references in the motor module.Successful exploitation of this vulnerability may affect availability.

CVE-2023-52103 [CRITICAL] CWE-120 CVE-2023-52103: Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may c Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE-2023-52101 [CRITICAL] CWE-200 CVE-2023-52101: Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and integrity.

CVE-2023-52106 [CRITICAL] CWE-264 CVE-2023-52106: Vulnerability of permission verification for APIs in the DownloadProviderMain module. Impact: Succes Vulnerability of permission verification for APIs in the DownloadProviderMain module. Impact: Successful exploitation of this vulnerability will affect integrity and availability.

CVE-2023-52102 [HIGH] CWE-116 CVE-2023-52102: Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vu Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-44117 [HIGH] CWE-290 CVE-2023-44117: Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitat Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE-2023-52113 [HIGH] CWE-400 CVE-2023-52113: launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this v launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-52114 [HIGH] CWE-269 CVE-2023-52114: Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulne Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulnerability may affect service integrity.

CVE-2023-44112 [HIGH] CWE-200 CVE-2023-44112: Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of t Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of this vulnerability may affect confidentiality.

CVE-2023-52108 [HIGH] CVE-2023-52108: Vulnerability of process priorities being raised in the ActivityManagerService module. Successful ex Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

CVE-2023-52104 [HIGH] CVE-2023-52104: Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vu Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.